Yuuki Takano

Multipath key exchange on P2P networks

Distributed-hash-table (DHT) has been proposed to solve the problem of scaling for P2P networks. However, there are some problems of security in P2P networks. One of the problem is that key exchange is not performed preventing against endangering security. This reason may be the fact that P2P networks have no trusted server. Although certification and authentication are able to protect key exchange from spoofing and man-in-the-middle attacks, these cannot be applied because of that. Therefore, an attacker can easily compromise key exchange since P2P networks should accept any node whether it is malicious or not, and every node of P2P networks plays a role of router. Until today, for the above reasons, there is no way to exchange the secret key on P2P networks protecting against encountering security. In this paper, we propose a key exchange method on P2P networks protecting against spoofing and man-in-the-middle attacks. For the purpose of protecting key exchange from encountering security, we present the enhanced routings which are directional and probabilistic routings.

Success Probability in χ 2 -Attacks

Knudsen and Meier applied the χ 2-attack to RC6. This attack is one of the most effective attacks for RC6. The χ 2-attack can be used for both distinguishing attacks and for key recovery attacks. Up to the present, theoretical analysis of χ 2-attacks, especially the relation between a distinguishing attack and a key recovery attack, has not been discussed. In this paper, we investigate the theoretical relation between the distinguishing attack and the key recovery attack for the first time, and prove the theorem to evaluate the success probability of a key recovery attack by using the results of a distinguishing attack. We also demonstrate the accuracy to χ 2-attack on RC5-64 and RC6 without post-whitening by comparing the implemented results.

GINTATE: Scalable and Extensible Deep Packet Inspection System for Encrypted Network Traffic: Session Resumption in Transport Layer Security Communication Considered Harmful to DPI

Deep packet inspection (DPI) is a basic monitoring technology, which realizes network traffic control based on application payload. The technology is used to prevent threats (e.g., intrusion detection systems, firewalls) and extract information (e.g., content filtering systems). Moreover, transport layer security (TLS) monitoring is required because of the increasing use of the TLS protocol, particularly by hypertext transfer protocol secure (HTTPS). TLS monitoring is different from TCP monitoring in two aspects. First, monitoring systems cannot inspect the content in TLS communication, which is encrypted. Second, TLS communication is a session unit composed of one or more TCP connections. In enterprise networks, dedicated TLS proxies are deployed to perform TLS monitoring. However, the proxies cannot be used when monitored devices are unable to use a custom certificate. Additionally, these networks contain problems of scale and complexity that affect the monitoring. Therefore, the DPI processing using another method requires high-speed processing and various protocol analyses across TCP connections in TLS monitoring. However, it is difficult to realize both simultaneously. We propose GINTATE, which decrypts TLS communication using shared keys and monitors the results. GINTATE is a scalable architecture that uses distributed computing and considers relational sessions across multiple TCP connections in TLS communication. Additionally, GINTATE achieves DPI processing by adding an extensible analysis module. By comparing GINTATE against other systems, we show that it can perform DPI processing by managing relational sessions via distributed computing and that it is scalable.

FARIS: Fast and Memory-Efficient URL Filter by Domain Specific Machine

Uniform resource locator (URL) filtering is a fundamental technology for intrusion detection, HTTP proxies, content distribution networks, content-centric networks, and many other application areas. Some applications adopt URL filtering to protect user privacy from malicious or insecure websites. AdBlock Plus is an example of a URL-filtering application, which filters sites that intend to steal sensitive information. Unfortunately, AdBlock Plus is implemented inefficiently, resulting in a slow application that consumes much memory. Although it provides a domain-specific language (DSL) to represent URLs, it internally uses regular expressions and does not take advantage of the benefits of the DSL. In addition, the number of filter rules become large, which makes matters worse. In this paper, we propose the fast uniform resource identifier-specific filter, which is a domain-specific pseudo-machine for the DSL, to improve the performance of AdBlock Plus. Compared with a conventional implementation that internally adopts regular expressions, our proof-of-concept implementation is fast and small memory footprint.

On the success probability of χ 2 -attack on RC6

Knudsen and Meier applied the χ2-attack to RC6. The χ2-attack can be used for both distinguishing attacks and key recovery attacks. Up to the present, the success probability of key recovery attack in any χ2-attack has not been evaluated theoretically without any assumption of experimental results. In this paper, we discuss the success probability of key recovery attack in χ2-attack and give the theorem that evaluates the success probability of a key recovery attack without any assumption of experimental approximation, for the first time. We make sure the accuracy of our theorem by demonstrating it on both 4-round RC6 without post-whitening and 4-round RC6-8. We also evaluate the security of RC6 theoretically and show that a variant of the χ2-attack is faster than an exhaustive key search for the 192-bit-key and 256-bit-key RC6 with up to 16 rounds. As a result, we succeed in answering such an open question that a variant of the χ2-attack can be used to attack RC6 with 16 or more rounds.

Alfons: A Mimetic Network Environment Construction System

Mimetic environments, which mimic actual networks including personal computers, network assets, etc., are required for cyber range or malware analysis. However, constructing various mimetic environments is costly and tedious because each environment has different network assets. Thus, we propose a building block system for constructing mimetic network environments for cyber security experiments. These building blocks provides a fine-grained way to manage disk images and files to reduce the construction cost. In this paper, we describe the design and implementation of the building block system called Alfons.

NETorium: high-fidelity scalable wireless network emulator

Wireless networks take advantage of various technologies that wired networks do not use, such as authentication and ad hoc networks. Although it is important to verify such wireless network technologies, it is expensive or technologically difficult to repeatedly reproduce the wireless environments required for verification. Additionally, large-scale wireless network environments such as IoT environments are also required for verification of wireless technologies. However, conventional verification approaches cannot provide large-scale wireless network environments that, emulate radio propagation or verify actual wireless technologies and applications. We propose NETorium, which provides large-scale wireless network environments that are suitable for verification of wireless network technologies. NETorium comprises Meteor, a radio propagation emulator, and Asteroid, a virtual wireless network software for building virtual wireless network environments that employ hardware emulators in a wired network. Meteor can handle network protocols that, conventional radio propagation emulators cannot and is capable of emulating radio propagation in large-scale wireless network environments. Asteroid constructs virtual wireless networks that can transmit actual wireless frames. We demonstrate that NETorium can handle 1000-node wireless networks; conventional approaches can only handle a maximum of 100 nodes. Additionally, a performance evaluation of a simulated network with WPA2 authentication in the ad hoc mode demonstrates that NETorium can emulate large-scale wireless network environments with high-fidelity.

DynamiQ: A Tool for Dynamic Emulation of Networks

Interactive network experiments, in which experiment conditions change dynamically based on input from users or other external sources, are the most appropriate approach when evaluating solutions to practical network problems, for teaching and/or training purposes, etc. Support for dynamic experiment conditions is also required whenever an experiment cannot be fully defined from start, for instance when node behavior (application execution, mobility pattern, etc.) depends on factors such as communication conditions in the experiment, traffic content, and so on. In this paper we present the network emulation module named dynamiQ that makes possible the dynamic emulation of networks. We also outline an interactive experiment framework that uses dynamiQ to meet the above requirements. The evaluation of dynamiQ in this context shows that no significant performance penalties occur because of its dynamic nature. Our interactive experiment framework has already been used in practice, including for a demonstration at Interop Tokyo 2014.

Towards an Interactive Experiment Framework: DynamiQ

Interactive network experiments are useful for finding solutions to network problems, for teaching and for training purposes. In this demonstration we shall present an interactive experiment framework that allows users to directly control the experiment scenario by using a touch panel interface. This framework uses the network emulation module named dynamiQ for the dynamic emulation of networks. The demonstration uses a scenario with up to 55 emulated nodes, out of which 30 nodes form an emulated vehicular network and 5 are static buildings. The other nodes represent wireless towers and unmanned aerial vehicles that can be freely placed in the virtual experiment area. Participants are tasked with creating a multi-hop mesh network for sending video tra c between two predefined remote locations. A similar demonstration has already been shown at Interop Tokyo 2014, where it received a special jury award.